Inside Privacy

Website: https://www.insideprivacy.com/
Follow:

Inside Privacy Blogs

Inside Privacy

Blog Authors

ABCDEFGHIJKLMNOPQRSTUVWXYZ
Xuezi Dan
Moriah Daugherty
Matthew DelNero
Stefanie Doebler
Madeleine Dolan
Yaron Dori
Marianna Drake
Natalie Dugan
Ben Duke
Ariel Dukes
Olivia Dworkin

Latest from Inside Privacy

On June 23, 2025, the New York State Department of Financial Services (“NY DFS”) issued guidance to NY DFS-regulated individuals and entities regarding the impact of “ongoing global conflicts” to the financial sector. The guidance follows a bulletin from the U.S. Department of Homeland Security about the “heightened threat environment” in the United States, which

This year, state lawmakers have introduced over a dozen bills to regulate “surveillance,” “personalized,” or “dynamic” pricing.  Although many of these proposals have failed as 2025 state legislative sessions come to a close, lawmakers in New York, California, and a handful of other states are moving forward with a range of different approaches.  These proposals

On June 2, 2025, the New Jersey Division of Consumer Affairs published draft regulations to implement the New Jersey Data Protection Act, which went into effect on January 1, 2025. The draft regulations propose detailed requirements, including for privacy notices, consent, and consumer rights. Interested parties may submit written comments by August 1, 2025.

A number of previously enacted laws related to privacy and minors’ use of social media platforms will enter into force in July 2025.  These laws include comprehensive privacy frameworks in Tennessee and Minnesota, as well as laws governing the use of social media platforms by minors in Georgia and Louisiana.  An overview of some key

Personalized advertising and pricing are increasingly common online practices, and prompt discussions about fairness and consumer rights in the EU.  This post examines how these practices are regulated under EU consumer protection law, and what we anticipate from the forthcoming Digital Fairness Act (DFA).  We also consider how data protection rules—such as the GDPR—interact with

On June 19, 2025, the French Data Protection Authority (“CNIL”) published two recommendations for AI developers.  The first recommendation covers reliance on the GDPR’s legitimate interest legal basis for developing an AI model.  It provides examples of legitimate interests that can justify the use of personal data for AI development.  The second recommendation discusses measures

Since the beginning of 2025, there have been a flurry of bills introduced at the state and federal level related to genetic privacy, which follows a similar trend over the past several years.  These bills have focused on a range of issues, including general genetic privacy, national security implications of “foreign adversaries” accessing genetic information,

On June 10, 2025, the Finnish Data Protection Ombudsman published a decision (in FI) where it found that the processing of personal data for enforcing parking violations was unlawful because the enforcement mechanism was not described in the parking rental agreement.  This recent decision is a striking example of how data protection and consumer protection

On June 6, 2025, President Trump issued an Executive Order (“Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144”) (the “Order”) that modifies certain initiatives in prior Executive Orders issued by Presidents Obama and Biden and highlights key cybersecurity priorities for the current Administration.  Specifically, the

In May 2025, the Court of Justice of the EU (“CJEU”) ruled on five cases applying EU consumer protection law. This blog post provides an overview of the decisions.

  • Three of these cases relate to the EU Unfair Contract Terms Directive (“UCTD”), which protects consumers from unfair terms in contracts with businesses. It applies to